API Keys allow you to:
- Upload and download assets to IPFS using Storage via dashboard, CLI, or SDKs
- Use a dedicated RPC Edge service in your application
- Use Bundler & Paymaster services for your Smart Wallets
- Enable various services such as signing in with Google, Facebook, Apple, Email, and Custom JWT when using Embedded wallets.
API Keys consists of two components:
- Client ID- Used to access the enabled thirdweb infrastructure services and identify your application using an app bundle ID (identifier for native apps) or domain (identifier for websites). Client IDs can be restricted to allow only specified domains and app bundle IDs to access the enabled services.
- Secret Key- Used to access the enabled thirdweb infrastructure services by identifying and authenticating your application from a backend. Sharing or exposing this key to others is unsafe because it grants access to all services.